A colleague of mine and I are having a discussion on the impact of
spoofed IP address on defending against DDoS attacks.
My contention is that spoofed IP addresses adds significantly to effort
needed to put down a DDoS attack. His idea is that although it might add
some complexity, but not much, and that most (tier 1) ISPs have
sophisticated anti-DDoS techniques and equipment that would quickly
minimize any complexity added by the spoofed addresses.
Ideas, thoughts, from those who have been there, done that?
Roger
*******************************************************************
*Roger A. Grimes, Banneret Computer Security, Consultant
*CPA, CISSP, MCSE: Security (2000/2003/MVP), CEH, yada...yada...
*email: roger at banneretcs.com
*Author of Honeypots for Windows (Apress)
*http://www.apress.com/book/bookDisplay.html?bID=281
*******************************************************************